CVE-2021-42287
HIGH | KEV | RANSOMWARE
Active Directory Domain Services - Privilege Escalation
Title source: llm
Exploitation Summary
CVE-2021-42287 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 11, 2022, with confirmed use in ransomware campaigns. EIP tracks 9 public exploits from researchers including cube0x0, ricardojba, XiaoliChan.
AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2021-42287, a vulnerability in Active Directory Domain Controllers that allows privilege escalation from domain user to domain admin. The exploit leverages the absence of a PAC (Privilege Attribute Certificate) in TGTs to forge tickets.
Description
Active Directory Domain Services Elevation of Privilege Vulnerability
Exploits (9)
This repository contains a functional exploit for CVE-2021-42287, a vulnerability in Active Directory Domain Controllers that allows privilege escalation from domain user to domain admin. The exploit leverages the absence of a PAC (Privilege Attribute Certificate) in TGTs to forge tickets.
This PowerShell script is a proof-of-concept exploit for CVE-2021-42287, a privilege escalation vulnerability in Active Directory. It leverages a flaw in the SAM protocol to escalate privileges to domain admin by exploiting a writeACL vulnerability.
This PowerShell script exploits CVE-2021-42287, a vulnerability in Active Directory domain controllers that allows for privilege escalation via sAMAccountName spoofing. The script uses embedded base64-encoded Rubeus binaries to perform the attack.
This repository contains a modified version of the noPac exploit for CVE-2021-42287, which combines sAMAccountName spoofing and KDC deception to achieve privilege escalation in Active Directory environments. The PoC includes optimizations such as MachineAccountQuota checks and TGT output.
The repository claims to be a scanner/exploiter for CVE-2021-42287 but instead contains a malicious PowerShell command that downloads and executes a remote script from a suspicious domain. No legitimate exploit or scanner code is present.
The repository describes a tool called CVE-Scanner designed to scan and exploit vulnerabilities, including CVE-2021-42287. It provides a command-line interface for scanning targets and generating reports, but no actual exploit code is present in the provided README.
This repository contains a functional exploit for CVE-2021-42287 (noPac), which chains with CVE-2021-42278 to achieve privilege escalation in Active Directory. The exploit adds a computer account, manipulates its sAMAccountName to impersonate a domain controller, and then uses Kerberos delegation to obtain a ticket for a domain admin, leading to remote code execution or hash dumping.
This repository contains a functional exploit for CVE-2021-42287 (noPac), which chains with CVE-2021-42278 to impersonate a Domain Admin from a standard domain user. The exploit includes modules for S4U2self, computer addition via SAMR, and post-exploitation actions like shell execution and hash dumping.
This repository contains a functional exploit for CVE-2021-42287 and CVE-2021-42278, which allows a standard domain user to impersonate a Domain Admin by exploiting a sAMAccountName spoofing vulnerability. The exploit chain involves creating a machine account, renaming it to match a DC's hostname, and then using Kerberos delegation to obtain a ticket for a Domain Admin.
Scores
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H